A growing number of transactions involving sensitive personal or business information are now performed in an electronic medium. Unfortunately, the added convenience afforded by the ability to use electronic devices in this manner is offset by the vulnerability of associated information that is maintained, transmitted, or transferred in electronic form. Accordingly, there has been a continual need to protect sensitive information and preserve the authenticity of electronic transactions.
Many electronic devices and computer applications have incorporated various types of passwords as a security feature. Passwords generally include a sequence of values in the form of letters, numbers, and/or other characters that a user must provide before he or she may access content that the password is protecting. Generally, passwords containing a greater number of values will provide a user with greater protection, as the number of possible password combinations grows exponentially with the number of password values included. Some devices and applications even require a user to incorporate a minimum amount of letters and/or numbers in a password to increase the protective strength of the password. However, even the strongest password is ineffective if the password and/or data is revealed to others. Computer software, such as malware, can read and effectively steal a user's password and/or data as it is transferred between devices.
Biometric security sensors represent another form of digital security technology that may be used instead of or in conjunction with passwords. These sensors allow the user to protect electronically stored information as well as authenticate his or her identity by the use of information such as his or her fingerprint, voice, or other physical or characteristic. Unlike passwords, biometric sensors show proof of the presence of an individual. Biometric sensors have gained popularity and are being integrated into new personal computers (PCs) and other devices. However, biometric sensors also present security risks. When a biometric sensor scans a physical characteristic of a user, it generates a data set representing the characteristic of the user. The data set is then transferred to a host device. A device driver executed by the host compares the data set to a baseline dataset to either authenticate the user and allow access to the device or content, or deny access to the device or content if a sufficient correlation between the datasets is not present. But, when the data is transferred to the host, it is subject to electronic snooping and interception by malware programs. Intercepted information can be used to bypass the biometric security feature.